package com.sgj.controller;

import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

/**
 * @author 沈国纪
 * @date 2021/12/11 21:24
 */
@Slf4j
@Controller
@RequestMapping("/order")
public class OrderController {

	@RequestMapping("/save")
	// @RequiresRoles(value = {"admin", "user"})     // 用来判断角色
	@RequiresPermissions("user:update:01")
	public String save() {
		log.info("[OrderController][save] 进入方法");
		// // 获取主体对象
		// Subject subject = SecurityUtils.getSubject();

		// // 代码校验权限
		// if (subject.hasRole("admin")) {
		// 	log.info("[OrderController][save] 保存订单");
		// } else {
		// 	log.info("[OrderController][save] 无权访问");
		// }

		return "redirect:/index.jsp";
	}
}